[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: 2.3.2.1.1 Validality of bounded assertions
saml-dev - I need assistance in the interpretation of 2.3.2.1.1 `Attributes NotBefore and NotOnOrAfter.' The model: The assertion is submitted to an interactive service and the assertion bounds are specified NotBefore and NotOnorAfter. The assertion is processed within the range (NotBefore,NotOnorAfter). Question: NotOnOrAfter is the upper bound of the validity of the assertion. Is the upper bound similar to the max_life within DCE (Distribute Computing Environment), which service is terminated upon max_life? In the model, the interactive service would be terminated upon reaching NotOnOrAfter. Or is the bounds the period in which the assertion must be verified. After assertion verification, the bounds are no longer considered. In the model, once the assertion is successfully processed, NotOnOrAfter has no effect on the behavior of the interactive service. -Thanks Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]